package services

import (
	"rbac-abac-demo/models"
	"rbac-abac-demo/utils"
)

func CheckRBAC(user *models.User, resource, action string) bool {
	for _, p := range utils.RBACPolicies {
		if p.Resource == resource && p.Action == action {
			return user.Role == p.RequiredRole
		}
	}
	return false // 无策略定义 → 拒绝
}
